deltaphillip
2007-08-18, 07:54
not sure of what is but when i click on my mp3player on My Computer, it opens that window that says: choose a program to be used to open G:\" (wth?). Well here is a highjack this log, with some entries that i could not remove, it keeps apearing again:
Logfile of HijackThis v1.99.1
Scan saved at 01:41:06, on 18/8/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\ctfmon.exe
C:\FirefoxPortable\App\firefox\firefox.exe
D:\Documents and Settings\Felipe Villar\Minhas barras de ferramentas\quick\[segurança]\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file)
O2 - BHO: (no name) - {784D8FBC-4165-4D88-90FB-62907ACDD045} - (no file)
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O4 - HKLM\..\Run: [Agent] "D:\Arquivos de programas\CyberLink\PowerVCRII\Agent.exe"
O4 - HKLM\..\Run: [Remote_Agent] "D:\Arquivos de programas\CyberLink\PowerVCRII\RemoteAgent.exe"
O4 - HKLM\..\Run: [SoundVolumeHotkeys.{9547D1C7-4F18-4104-8674-046DCD12BDF9}] C:\Arquivos de programas\Sound Volume Hotkeys\SoundVolumeHotkeys.exe -a
O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [UpdateBiblia] D:\Arquivos de programas\BibliaTools\UpdateBiblia.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://D:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} -
O20 - Winlogon Notify: igfxcui - D:\WINDOWS\
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Avast4\ashServ.exe
O23 - Service: avast! Web Scanner - Unknown owner - C:\Arquivos de programas\Avast4\ashWebSv.exe" /service (file missing)
i ask for help and i dont know what else to do. thanks, God bless ya back.
Logfile of HijackThis v1.99.1
Scan saved at 01:41:06, on 18/8/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\ctfmon.exe
C:\FirefoxPortable\App\firefox\firefox.exe
D:\Documents and Settings\Felipe Villar\Minhas barras de ferramentas\quick\[segurança]\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file)
O2 - BHO: (no name) - {784D8FBC-4165-4D88-90FB-62907ACDD045} - (no file)
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O4 - HKLM\..\Run: [Agent] "D:\Arquivos de programas\CyberLink\PowerVCRII\Agent.exe"
O4 - HKLM\..\Run: [Remote_Agent] "D:\Arquivos de programas\CyberLink\PowerVCRII\RemoteAgent.exe"
O4 - HKLM\..\Run: [SoundVolumeHotkeys.{9547D1C7-4F18-4104-8674-046DCD12BDF9}] C:\Arquivos de programas\Sound Volume Hotkeys\SoundVolumeHotkeys.exe -a
O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [UpdateBiblia] D:\Arquivos de programas\BibliaTools\UpdateBiblia.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://D:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} -
O20 - Winlogon Notify: igfxcui - D:\WINDOWS\
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Avast4\ashServ.exe
O23 - Service: avast! Web Scanner - Unknown owner - C:\Arquivos de programas\Avast4\ashWebSv.exe" /service (file missing)
i ask for help and i dont know what else to do. thanks, God bless ya back.